Skip to content
This repository has been archived by the owner on Nov 6, 2020. It is now read-only.

Commit

Permalink
Fix default CORS settings. (#7387)
Browse files Browse the repository at this point in the history
* Fix default CORS settings.

* Add info regarding special options.
tomusdrw authored and arkpar committed Dec 27, 2017

Unverified

The committer email address is not verified.
1 parent eb1bb8f commit 26e4fc6
Showing 5 changed files with 29 additions and 23 deletions.
16 changes: 8 additions & 8 deletions parity/cli/mod.rs
Original file line number Diff line number Diff line change
@@ -466,9 +466,9 @@ usage! {
"--jsonrpc-threads=[THREADS]",
"Turn on additional processing threads in all RPC servers. Setting this to non-zero value allows parallel cpu-heavy queries execution.",

ARG arg_jsonrpc_cors: (Option<String>) = None, or |c: &Config| otry!(c.rpc).cors.clone(),
ARG arg_jsonrpc_cors: (String) = "none", or |c: &Config| otry!(c.rpc).cors.as_ref().map(|vec| vec.join(",")),
"--jsonrpc-cors=[URL]",
"Specify CORS header for JSON-RPC API responses.",
"Specify CORS header for JSON-RPC API responses. Special options: \"all\", \"none\".",

ARG arg_jsonrpc_server_threads: (Option<usize>) = None, or |c: &Config| otry!(c.rpc).server_threads,
"--jsonrpc-server-threads=[NUM]",
@@ -538,9 +538,9 @@ usage! {
"--ipfs-api-hosts=[HOSTS]",
"List of allowed Host header values. This option will validate the Host header sent by the browser, it is additional security against some attack vectors. Special options: \"all\", \"none\".",

ARG arg_ipfs_api_cors: (Option<String>) = None, or |c: &Config| otry!(c.ipfs).cors.clone(),
ARG arg_ipfs_api_cors: (String) = "none", or |c: &Config| otry!(c.ipfs).cors.as_ref().map(|vec| vec.join(",")),
"--ipfs-api-cors=[URL]",
"Specify CORS header for IPFS API responses.",
"Specify CORS header for IPFS API responses. Special options: \"all\", \"none\".",

["Secret store options"]
FLAG flag_no_secretstore: (bool) = false, or |c: &Config| otry!(c.secretstore).disable.clone(),
@@ -1052,7 +1052,7 @@ struct Rpc {
disable: Option<bool>,
port: Option<u16>,
interface: Option<String>,
cors: Option<String>,
cors: Option<Vec<String>>,
apis: Option<Vec<String>>,
hosts: Option<Vec<String>>,
server_threads: Option<usize>,
@@ -1108,7 +1108,7 @@ struct Ipfs {
enable: Option<bool>,
port: Option<u16>,
interface: Option<String>,
cors: Option<String>,
cors: Option<Vec<String>>,
hosts: Option<Vec<String>>,
}

@@ -1468,7 +1468,7 @@ mod tests {
flag_no_jsonrpc: false,
arg_jsonrpc_port: 8545u16,
arg_jsonrpc_interface: "local".into(),
arg_jsonrpc_cors: Some("null".into()),
arg_jsonrpc_cors: "null".into(),
arg_jsonrpc_apis: "web3,eth,net,parity,traces,rpc,secretstore".into(),
arg_jsonrpc_hosts: "none".into(),
arg_jsonrpc_server_threads: None,
@@ -1507,7 +1507,7 @@ mod tests {
flag_ipfs_api: false,
arg_ipfs_api_port: 5001u16,
arg_ipfs_api_interface: "local".into(),
arg_ipfs_api_cors: Some("null".into()),
arg_ipfs_api_cors: "null".into(),
arg_ipfs_api_hosts: "none".into(),

// -- Sealing/Mining Options
6 changes: 3 additions & 3 deletions parity/cli/tests/config.full.toml
Original file line number Diff line number Diff line change
@@ -49,7 +49,7 @@ reserved_peers = "./path_to_file"
disable = false
port = 8545
interface = "local"
cors = "null"
cors = ["null"]
apis = ["web3", "eth", "net", "parity", "traces", "rpc", "secretstore"]
hosts = ["none"]

@@ -76,7 +76,7 @@ path = "$HOME/.parity/dapps"
user = "test_user"
pass = "test_pass"

[secretstore]
[secretstore]
disable = false
disable_http = false
disable_acl_check = false
@@ -91,7 +91,7 @@ path = "$HOME/.parity/secretstore"
enable = false
port = 5001
interface = "local"
cors = "null"
cors = ["null"]
hosts = ["none"]

[mining]
20 changes: 13 additions & 7 deletions parity/configuration.rs
Original file line number Diff line number Diff line change
@@ -775,13 +775,19 @@ impl Configuration {
apis.join(",")
}

fn cors(cors: Option<&String>) -> Option<Vec<String>> {
cors.map(|ref c| c.split(',').map(Into::into).collect())
fn cors(cors: &str) -> Option<Vec<String>> {
match cors {
"none" => return Some(Vec::new()),
"*" | "all" | "any" => return None,
_ => {},
}

Some(cors.split(',').map(Into::into).collect())
}

fn rpc_cors(&self) -> Option<Vec<String>> {
let cors = self.args.arg_jsonrpc_cors.as_ref().or(self.args.arg_rpccorsdomain.as_ref());
Self::cors(cors)
let cors = self.args.arg_rpccorsdomain.clone().unwrap_or_else(|| self.args.arg_jsonrpc_cors.to_owned());
Self::cors(&cors)
}

fn ipfs_cors(&self) -> Option<Vec<String>> {
@@ -1458,7 +1464,7 @@ mod tests {
assert_eq!(net.rpc_enabled, true);
assert_eq!(net.rpc_interface, "0.0.0.0".to_owned());
assert_eq!(net.rpc_port, 8000);
assert_eq!(conf.rpc_cors(), Some(vec!["*".to_owned()]));
assert_eq!(conf.rpc_cors(), None);
assert_eq!(conf.rpc_apis(), "web3,eth".to_owned());
}

@@ -1525,8 +1531,8 @@ mod tests {
let conf2 = parse(&["parity", "--ipfs-api-cors", "http://parity.io,http://something.io"]);

// then
assert_eq!(conf0.ipfs_cors(), None);
assert_eq!(conf1.ipfs_cors(), Some(vec!["*".into()]));
assert_eq!(conf0.ipfs_cors(), Some(vec![]));
assert_eq!(conf1.ipfs_cors(), None);
assert_eq!(conf2.ipfs_cors(), Some(vec!["http://parity.io".into(),"http://something.io".into()]));
}

4 changes: 2 additions & 2 deletions parity/ipfs.rs
Original file line number Diff line number Diff line change
@@ -34,8 +34,8 @@ impl Default for Configuration {
enabled: false,
port: 5001,
interface: "127.0.0.1".into(),
cors: None,
hosts: Some(Vec::new()),
cors: Some(vec![]),
hosts: Some(vec![]),
}
}
}
6 changes: 3 additions & 3 deletions parity/rpc.rs
Original file line number Diff line number Diff line change
@@ -59,8 +59,8 @@ impl Default for HttpConfiguration {
interface: "127.0.0.1".into(),
port: 8545,
apis: ApiSet::UnsafeContext,
cors: None,
hosts: Some(Vec::new()),
cors: Some(vec![]),
hosts: Some(vec![]),
server_threads: 1,
processing_threads: 4,
}
@@ -98,7 +98,7 @@ impl From<UiConfiguration> for HttpConfiguration {
interface: conf.interface,
port: conf.port,
apis: rpc_apis::ApiSet::UnsafeContext,
cors: None,
cors: Some(vec![]),
hosts: conf.hosts,
server_threads: 1,
processing_threads: 0,

0 comments on commit 26e4fc6

Please sign in to comment.